We've been talking about how multiple sources stack when loading trust policy. As part of this the multiple directories that p11-kit trust module can be configured with should show up as multiple slots/tokens in the module.
This is an implementation detail, but does better model how we want to stack this stuff in the future.

After applying these patches, the various input paths built into the p11-kit trust module should show up as different tokens. Previously there was only one token in the module.
In PKCS#11 each token is a database of objects. A single module can have multiple tokens. This patch changes it so that each configured input source path shows up as a separate token. The certificate files in each input source path will show up as certificate objects in the token in question.
These tokens are visible in the Firefox security device manager. You should be able to see which certificates are on which token using the certificate authority list.
You can see the various tokens with the tool:
p11-kit list-modules